From: Scott S. G. <sc...@us...> - 2016-12-18 19:21:49
Update of /cvsroot/aolserver/nsopenssl In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv25785 Modified Files: ChangeLog README sslcontext.c Log Message: Changed ECDH to use 2048 bit ECDH parameters as 1024 bit or less parameters are now considered weak and insecure and can subject your site to the LOGJAM attack. The 1024 bit ECDH included code is commented out; what bit size parameters one sets up may become a configuration option in the future. See: https://weakdh.org Turned on preference for enforcing server cipher order (SSL_OP_CIPHER_SERVER_PREFERENCE) to prevent a client from using a lower security cipher suite if a higher security one is available on both ends (though I think you can set the order manually via the CipherSuite parameter and set a less secure cipher suite order). This is hard-coded for now but may become an option in the future with a reasonable default. Updated README ns_param for Protocols and CipherSuites to be more secure examples. Index: README =================================================================== RCS file: /cvsroot/aolserver/nsopenssl/README,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** README 25 Aug 2004 21:33:47 -0000 1.6 --- README 18 Dec 2016 19:21:47 -0000 1.7 *************** *** 134,139 **** ns_param CADir ca-client/dir ns_param CAFile ca-client/ca-client.crt ! ns_param Protocols "SSLv3, TLSv1" ! ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:++EXP" ns_param PeerVerify false ns_param PeerVerifyDepth 3 --- 134,140 ---- ns_param CADir ca-client/dir ns_param CAFile ca-client/ca-client.crt ! ns_param Protocols "-SSLv2 -SSLv3 TLSv1 TLSv1.1 TLSv1.2" ! ns_param CipherSuite "kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+RC4:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!DSS:!PSK:!SRP:!kECDH:!CAMELLIA:!IDEA:!SEED" ! 
#ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:-MEDIUM:-LOW:-EXP" ns_param PeerVerify false ns_param PeerVerifyDepth 3 Index: sslcontext.c =================================================================== RCS file: /cvsroot/aolserver/nsopenssl/sslcontext.c,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** sslcontext.c 18 Dec 2016 18:21:58 -0000 1.14 --- sslcontext.c 18 Dec 2016 19:21:47 -0000 1.15 *************** *** 39,42 **** --- 39,43 ---- #include "nsopenssl.h" #include "dh1024.h" + #include "dh2048.h" Tcl_HashTable NsOpenSSLServers; *************** *** 212,215 **** --- 213,218 ---- NsOpenSSLContextInit(char *server, NsOpenSSLContext *sslcontext) { + const char * dh_bits = "2048"; + if (sslcontext == NULL) { Ns_Log(Error, "%s (%s): SSL context is NULL", MODULE, server); *************** *** 228,231 **** --- 231,237 ---- if (sslcontext->role) { sslcontext->sslctx = SSL_CTX_new(SSLv23_server_method()); + SSL_CTX_set_options(sslcontext->sslctx, SSL_OP_CIPHER_SERVER_PREFERENCE); + Ns_Log(Notice, "%s (%s): '%s' prefer server cipher set to on", + MODULE, server, sslcontext->name); } else { sslcontext->sslctx = SSL_CTX_new(SSLv23_client_method()); *************** *** 267,277 **** */ ! DH *dh = get_dh1024(); if (dh == NULL || SSL_CTX_set_tmp_dh(sslcontext->sslctx, dh) == 0) { ! Ns_Log(Error, "%s (%s): failed to set DH parameters - some ciphers will not be available", ! MODULE, server); } else { ! Ns_Log(Notice, "%s (%s): DH parameters (1024 bit) set", ! MODULE, server); /* * Necessary for OpenSSL 1.0.2 - 1.0.2e to fix vulnerability. --- 273,283 ---- */ ! DH *dh = get_dh2048(); if (dh == NULL || SSL_CTX_set_tmp_dh(sslcontext->sslctx, dh) == 0) { ! Ns_Log(Error, "%s (%s): '%s' failed to set DH parameters - some ciphers will not be available", ! MODULE, server, sslcontext->name); } else { ! Ns_Log(Notice, "%s (%s): '%s' DH parameters (%s bit) set", ! 
MODULE, server, sslcontext->name, dh_bits); /* * Necessary for OpenSSL 1.0.2 - 1.0.2e to fix vulnerability. *************** *** 294,303 **** EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); ! if (ecdh == NULL || SSL_CTX_set_tmp_ecdh(sslcontext->sslctx, ecdh) != 1) { ! Ns_Log(Error, "%s (%s): failed to set ECDH parameters - some ciphers will not be available", ! MODULE, server); } else { ! Ns_Log(Notice, "%s (%s): ECDH parameters set using the prime256v1 curve", ! MODULE, server); } EC_KEY_free (ecdh); --- 300,309 ---- EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); ! if (ecdh == NULL || SSL_CTX_set_tmp_ecdh(sslcontext->sslctx, ecdh) == 0) { ! Ns_Log(Error, "%s (%s): '%s' failed to set ECDH parameters - some ciphers will not be available", ! MODULE, server, sslcontext->name); } else { ! Ns_Log(Notice, "%s (%s): '%s' ECDH parameters set using the prime256v1 curve", ! MODULE, server, sslcontext->name); } EC_KEY_free (ecdh); Index: ChangeLog =================================================================== RCS file: /cvsroot/aolserver/nsopenssl/ChangeLog,v retrieving revision 1.120 retrieving revision 1.121 diff -C2 -d -r1.120 -r1.121 *** ChangeLog 18 Dec 2016 18:21:58 -0000 1.120 --- ChangeLog 18 Dec 2016 19:21:47 -0000 1.121 *************** *** 1,2 **** --- 1,23 ---- + 2016-12-19 Scott S. Goodwin <sc...@sc...> + + * sslcontext.c: Changed ECDH to use 2048 bit ECDH parameters as 1024 + bit or less parameters are now considered weak and insecure and can + subject your site to the LOGJAM attack. The 1024 bit ECDH included + code is commented out; what bit size parameters one sets up may + become a configuration option in the future. 
+ + See: https://weakdh.org + + Turned on preference for enforcing server cipher order + (SSL_OP_CIPHER_SERVER_PREFERENCE) to prevent a client from using a + lower security cipher suite if a higher security one is available on + both ends (though I think you can set the order manually via the + CipherSuite parameter and set a less secure cipher suite order). This + is hard-coded for now but may become an option in the future with a + reasonable default. + + * README: Updated ns_param for Protocols and CipherSuites to be more + secure examples. + 2016-12-18 Scott S. Goodwin <sc...@sc...> |
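Review bot: In the README hunk, the new CipherSuite example still enables RC4: `+RC4` only moves RC4 suites to the end of the list and the following `RC4` term adds them, so RC4 remains negotiable in an example the log message calls "more secure". Suggest replacing `+RC4:RC4` with `!RC4`. The Protocols value also changes from the comma-separated form ("SSLv3, TLSv1") to a space-separated form with `-` prefixes; the README should state that the parser accepts this syntax, and the commented-out `#ns_param CipherSuite` line that follows should either be dropped or given a comment saying why it is kept.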
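Review bot: In the first sslcontext.c hunk (line 39), `#include "dh1024.h"` stays next to the new `#include "dh2048.h"`, although nothing in this diff calls `get_dh1024()` any more. Drop the old include if it is unused, and confirm that dh2048.h is already in the repository, since the Modified Files list names only ChangeLog, README and sslcontext.c.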
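Review bot: In the sslcontext.c hunk at line 228, `SSL_CTX_set_options()` is called on the result of `SSL_CTX_new()` with no NULL check between the two lines, and the Notice is logged unconditionally. If context creation fails, a NULL context is handed to OpenSSL and the log still claims the option is on; move both added lines after the point where `sslcontext->sslctx` is validated, or guard them with `if (sslcontext->sslctx != NULL)`.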
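Review bot: In the DH hunk (line 267), the bit size in the Notice comes from the hard-coded string `dh_bits = "2048"` declared at the top of `NsOpenSSLContextInit`, not from the parameters actually loaded, so the log goes stale as soon as `get_dh2048()` is swapped out or made configurable. Log `DH_size(dh) * 8` with a `%d` format instead and drop `dh_bits`.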
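Review bot: In the ECDH hunk (line 294), the failure test changes from `!= 1` to `== 0` with no explanation in the log message. `SSL_CTX_set_tmp_ecdh()` is documented to return 1 on success, so the old form treats every other value as failure while the new one accepts any non-zero value as success; keep `!= 1` or state why the looser check is needed.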
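Review bot: The ChangeLog entry says ECDH moved to 2048-bit parameters and that the 1024-bit code is commented out, but the sslcontext.c hunks replace `get_dh1024()` with `get_dh2048()` (finite-field DH) and leave ECDH on prime256v1, with no commented-out line visible. Reword the entry to say DH rather than ECDH and to describe the old code as replaced, and check the entry date of 2016-12-19 against the commit timestamp of 2016-12-18 19:21:47.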